cvelistv5 - cve-2010-2935

CVE-2010-2935 (GCVE-0-2010-2935)

Vulnerability from cvelistv5

Published

2010-08-25 19:00

Modified

2024-08-07 02:46

Severity ?

CWE

Summary

simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an "integer truncation error."

References

URL

Tags

	http://secunia.com/advisories/40775	third-party-advisory, x_refsource_SECUNIA
	http://www.openoffice.org/servlets/ReadMsg?list=dev&msgNo=27690	mailing-list, x_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=622529	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:221	vendor-advisory, x_refsource_MANDRIVA
	http://www.vupen.com/english/advisories/2010/2003	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/60799	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id?1024976	vdb-entry, x_refsource_SECTRACK
	http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml	vendor-advisory, x_refsource_GENTOO
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12063	vdb-entry, signature, x_refsource_OVAL
	http://www.vupen.com/english/advisories/2011/0150	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/42927	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2010-0643.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2011/0230	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2010/2149	vdb-entry, x_refsource_VUPEN
	http://www.openwall.com/lists/oss-security/2010/08/11/1	mailing-list, x_refsource_MLIST
	http://www.vupen.com/english/advisories/2010/2228	vdb-entry, x_refsource_VUPEN
	http://www.openoffice.org/security/cves/CVE-2010-2935_CVE-2010-2936.html	x_refsource_CONFIRM
	http://secunia.com/advisories/41235	third-party-advisory, x_refsource_SECUNIA
	http://ubuntu.com/usn/usn-1056-1	vendor-advisory, x_refsource_UBUNTU
	http://www.vupen.com/english/advisories/2011/0279	vdb-entry, x_refsource_VUPEN
	http://www.securitytracker.com/id?1024352	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/43105	third-party-advisory, x_refsource_SECUNIA
	http://securityevaluators.com/files/papers/CrashAnalysis.pdf	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2010/dsa-2099	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html	x_refsource_CONFIRM
	http://secunia.com/advisories/41052	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/2905	vdb-entry, x_refsource_VUPEN
	http://www.openwall.com/lists/oss-security/2010/08/11/4	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:46:48.941Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "40775",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40775"
          },
          {
            "name": "[dev] 20100806 Two exploitable OpenOffice.org bugs!",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openoffice.org/servlets/ReadMsg?list=dev\u0026msgNo=27690"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=622529"
          },
          {
            "name": "MDVSA-2010:221",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:221"
          },
          {
            "name": "ADV-2010-2003",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2003"
          },
          {
            "name": "60799",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60799"
          },
          {
            "name": "1024976",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024976"
          },
          {
            "name": "GLSA-201408-19",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:12063",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12063"
          },
          {
            "name": "ADV-2011-0150",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0150"
          },
          {
            "name": "42927",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42927"
          },
          {
            "name": "RHSA-2010:0643",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0643.html"
          },
          {
            "name": "ADV-2011-0230",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0230"
          },
          {
            "name": "ADV-2010-2149",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2149"
          },
          {
            "name": "[oss-security] 20100811 CVE Request -- OpenOffice.org [two ids]: 1, integer truncation error 2, short integer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/08/11/1"
          },
          {
            "name": "ADV-2010-2228",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2228"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openoffice.org/security/cves/CVE-2010-2935_CVE-2010-2936.html"
          },
          {
            "name": "41235",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41235"
          },
          {
            "name": "USN-1056-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1056-1"
          },
          {
            "name": "ADV-2011-0279",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0279"
          },
          {
            "name": "1024352",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024352"
          },
          {
            "name": "43105",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43105"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://securityevaluators.com/files/papers/CrashAnalysis.pdf"
          },
          {
            "name": "SUSE-SR:2010:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
          },
          {
            "name": "DSA-2099",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2099"
          },
          {
            "name": "SUSE-SR:2010:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
          },
          {
            "name": "41052",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41052"
          },
          {
            "name": "ADV-2010-2905",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2905"
          },
          {
            "name": "[oss-security] 20100811 Re: CVE Request -- OpenOffice.org [two ids]: 1, integer truncation error 2, short integer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/08/11/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-08-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an \"integer truncation error.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "40775",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40775"
        },
        {
          "name": "[dev] 20100806 Two exploitable OpenOffice.org bugs!",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openoffice.org/servlets/ReadMsg?list=dev\u0026msgNo=27690"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=622529"
        },
        {
          "name": "MDVSA-2010:221",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:221"
        },
        {
          "name": "ADV-2010-2003",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2003"
        },
        {
          "name": "60799",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60799"
        },
        {
          "name": "1024976",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024976"
        },
        {
          "name": "GLSA-201408-19",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
        },
        {
          "name": "oval:org.mitre.oval:def:12063",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12063"
        },
        {
          "name": "ADV-2011-0150",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0150"
        },
        {
          "name": "42927",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42927"
        },
        {
          "name": "RHSA-2010:0643",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0643.html"
        },
        {
          "name": "ADV-2011-0230",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0230"
        },
        {
          "name": "ADV-2010-2149",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2149"
        },
        {
          "name": "[oss-security] 20100811 CVE Request -- OpenOffice.org [two ids]: 1, integer truncation error 2, short integer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/08/11/1"
        },
        {
          "name": "ADV-2010-2228",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2228"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openoffice.org/security/cves/CVE-2010-2935_CVE-2010-2936.html"
        },
        {
          "name": "41235",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41235"
        },
        {
          "name": "USN-1056-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1056-1"
        },
        {
          "name": "ADV-2011-0279",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0279"
        },
        {
          "name": "1024352",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024352"
        },
        {
          "name": "43105",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43105"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://securityevaluators.com/files/papers/CrashAnalysis.pdf"
        },
        {
          "name": "SUSE-SR:2010:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
        },
        {
          "name": "DSA-2099",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2099"
        },
        {
          "name": "SUSE-SR:2010:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
        },
        {
          "name": "41052",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41052"
        },
        {
          "name": "ADV-2010-2905",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2905"
        },
        {
          "name": "[oss-security] 20100811 Re: CVE Request -- OpenOffice.org [two ids]: 1, integer truncation error 2, short integer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/08/11/4"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-2935",
    "datePublished": "2010-08-25T19:00:00.000Z",
    "dateReserved": "2010-08-04T00:00:00.000Z",
    "dateUpdated": "2024-08-07T02:46:48.941Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2011-AVI-243

Vulnerability from certfr_avis

Une mise à jour émise par IBM corrige de nombreuses vulnérabilités dans IBM Lotus Symphony.

Description

IBM a publié le 20 avril 2011 un ensemble de mise à jour corrigeant de nombreuses vulnérabilités dans IBM Lotus Symphony.

Les vulnérabilités corrigées sont localisées dans OpenOffice.org et autorisent un utilisateur malintentionné à exécuter du code arbitraire à distance ou à supprimer des fichiers.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

IBM Lotus Symphony 3.x

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité IBM swg21496070 du 20 avril 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eIBM Lotus Symphony 3.x\u003c/p\u003e",
  "content": "## Description\n\nIBM a publi\u00e9 le 20 avril 2011 un ensemble de mise \u00e0 jour corrigeant de\nnombreuses vuln\u00e9rabilit\u00e9s dans IBM Lotus Symphony.\n\nLes vuln\u00e9rabilit\u00e9s corrig\u00e9es sont localis\u00e9es dans OpenOffice.org et\nautorisent un utilisateur malintentionn\u00e9 \u00e0 ex\u00e9cuter du code arbitraire \u00e0\ndistance ou \u00e0 supprimer des fichiers.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2010-4643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4643"
    },
    {
      "name": "CVE-2010-3453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3453"
    },
    {
      "name": "CVE-2010-3451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3451"
    },
    {
      "name": "CVE-2010-3452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3452"
    },
    {
      "name": "CVE-2010-3454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3454"
    },
    {
      "name": "CVE-2010-4253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4253"
    },
    {
      "name": "CVE-2010-3450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3450"
    },
    {
      "name": "CVE-2010-3689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3689"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2010-2935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2935"
    }
  ],
  "initial_release_date": "2011-04-21T00:00:00",
  "last_revision_date": "2011-04-21T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-243",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-04-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une mise \u00e0 jour \u00e9mise par \u003cspan class=\"textit\"\u003eIBM\u003c/span\u003e corrige de\nnombreuses vuln\u00e9rabilit\u00e9s dans \u003cspan class=\"textit\"\u003eIBM Lotus\nSymphony\u003c/span\u003e.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans IBM Lotus Symphony",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg21496070 du 20 avril 2011",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21496070"
    }
  ]
}

CERTA-2011-AVI-022

Vulnerability from certfr_avis

De multiples vulnérabilités présentes dans les produits Oracle permettent à un utilisateur malveillant de contourner la politique de sécurité.

Description

De multiples vulnérabilités ont été corrigées dans les produits Oracle tels que Oracle Database, Oracle Application Server ou Oracle Open Office. Certaines de ces vulnérabilités peuvent être exploitées par un utilisateur malveillant distant pour contourner la politique de sécurité ou encore porter atteinte à l'intégrité et/ou la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Oracle BI Publisher, versions 10.1.3.3.2, 10.1.3.4.0, 10.1.3.4.1, 11.1.1.3 ;
Oracle	N/A	Oracle Transportation Manager, versions 5.5, 6.0, 6.1, 6.2 ;
Oracle	N/A	Oracle Sun Product Suite ;
Oracle	N/A	Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3 ;
Oracle	N/A	Oracle Document Capture, versions 10.1.3.4, 10.1.3.5 ;
Oracle	N/A	Oracle Application Server 10g Release 2, version 10.1.2.3.0 ;
Oracle	N/A	Oracle Enterprise Manager Real User Experience Insight, version RUEI 6.0 ;
Oracle	N/A	Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5 ;
Oracle	N/A	Oracle JRockit versions, R27.6.7 et antérieures (JDK/JRE 1.4.2, 5, 6), R28.0.1 et antérieures (JDK/JRE 5, 6) ;
Oracle	N/A	Oracle E-Business Suite Release 11i, version 11.5.10.2 ;
Oracle	PeopleSoft	Oracle PeopleSoft Enterprise CRM, versions 8.9, 9.0, 9.1 ;
Oracle	N/A	Oracle Audit Vault 10g Release 2, version 10.2.3.2 ;
Oracle	N/A	Oracle Argus Safety, versions 5.0, 5.0.1, 5.0.2, 5.0.3 ;
Oracle	N/A	Oracle Database 10g Release 1, version 10.1.0.5 ;
Oracle	N/A	Oracle Outside In Technology, version 8.3.0 ;
Oracle	PeopleSoft	Oracle PeopleSoft Enterprise PeopleTools, versions 8.49, 8.50, 8.51 ;
Oracle	N/A	Oracle InForm Portal, versions 4.5, 4.6, 5.0 ;
Oracle	Weblogic	Oracle WebLogic Server, versions 7.0.7, 8.1.6, 9.0, 9.1, 9.2.3, 10.0.2, 10.3.2, 10.3.3 ;
Oracle	N/A	Oracle Agile Core, versions 9.3.0.2, 9.3.1 ;
Oracle	N/A	Oracle Database 11g Release 1, version 11.1.0.7 ;
Oracle	N/A	Oracle Open Office, version 3.2.1 and StarOffice/StarSuite, versions 7, 8.
Oracle	N/A	Oracle Database 11g Release 2, version 11.2.0.1 ;
Oracle	N/A	Oracle Enterprise Manager Suite Release 10, version 10.2.0.5 ;
Oracle	N/A	Oracle GoldenGate Veridata, version 3.0.0.4 ;
Oracle	N/A	Oracle Beehive, versions 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, 2.0.1.3 ;
Oracle	N/A	Oracle Fusion Middleware, 11g Release 1, versions 11.1.1.2.0, 11.1.1.3.0 ;
Oracle	PeopleSoft	Oracle PeopleSoft Enterprise HRMS, versions 8.9, 9.0, 9.1 ;
Oracle	N/A	Oracle Secure Backup 10g Release 3, version 10.3.0.2 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle de janvier 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle BI Publisher, versions 10.1.3.3.2, 10.1.3.4.0, 10.1.3.4.1, 11.1.1.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Transportation Manager, versions 5.5, 6.0, 6.1, 6.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Sun Product Suite ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Document Capture, versions 10.1.3.4, 10.1.3.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Application Server 10g Release 2, version 10.1.2.3.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Enterprise Manager Real User Experience Insight, version RUEI 6.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle JRockit versions, R27.6.7 et ant\u00e9rieures (JDK/JRE 1.4.2, 5, 6), R28.0.1 et ant\u00e9rieures (JDK/JRE 5, 6) ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle E-Business Suite Release 11i, version 11.5.10.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle PeopleSoft Enterprise CRM, versions 8.9, 9.0, 9.1 ;",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Audit Vault 10g Release 2, version 10.2.3.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Argus Safety, versions 5.0, 5.0.1, 5.0.2, 5.0.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database 10g Release 1, version 10.1.0.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Outside In Technology, version 8.3.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle PeopleSoft Enterprise PeopleTools, versions 8.49, 8.50, 8.51 ;",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle InForm Portal, versions 4.5, 4.6, 5.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle WebLogic Server, versions 7.0.7, 8.1.6, 9.0, 9.1, 9.2.3, 10.0.2, 10.3.2, 10.3.3 ;",
      "product": {
        "name": "Weblogic",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Agile Core, versions 9.3.0.2, 9.3.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database 11g Release 1, version 11.1.0.7 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Open Office, version 3.2.1 and StarOffice/StarSuite, versions 7, 8.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database 11g Release 2, version 11.2.0.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Enterprise Manager Suite Release 10, version 10.2.0.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle GoldenGate Veridata, version 3.0.0.4 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Beehive, versions 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, 2.0.1.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Fusion Middleware, 11g Release 1, versions 11.1.1.2.0, 11.1.1.3.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle PeopleSoft Enterprise HRMS, versions 8.9, 9.0, 9.1 ;",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Secure Backup 10g Release 3, version 10.3.0.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits Oracle\ntels que Oracle Database, Oracle Application Server ou Oracle Open\nOffice. Certaines de ces vuln\u00e9rabilit\u00e9s peuvent \u00eatre exploit\u00e9es par un\nutilisateur malveillant distant pour contourner la politique de s\u00e9curit\u00e9\nou encore porter atteinte \u00e0 l\u0027int\u00e9grit\u00e9 et/ou la confidentialit\u00e9 des\ndonn\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-4429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4429"
    },
    {
      "name": "CVE-2010-4415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4415"
    },
    {
      "name": "CVE-2010-4438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4438"
    },
    {
      "name": "CVE-2010-3586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3586"
    },
    {
      "name": "CVE-2010-3593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3593"
    },
    {
      "name": "CVE-2010-4439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4439"
    },
    {
      "name": "CVE-2010-4421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4421"
    },
    {
      "name": "CVE-2010-4453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4453"
    },
    {
      "name": "CVE-2010-4433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4433"
    },
    {
      "name": "CVE-2010-4419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4419"
    },
    {
      "name": "CVE-2010-4464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4464"
    },
    {
      "name": "CVE-2010-4457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4457"
    },
    {
      "name": "CVE-2010-4432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4432"
    },
    {
      "name": "CVE-2010-4460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4460"
    },
    {
      "name": "CVE-2010-3590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3590"
    },
    {
      "name": "CVE-2010-4416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4416"
    },
    {
      "name": "CVE-2010-4414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4414"
    },
    {
      "name": "CVE-2010-4420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4420"
    },
    {
      "name": "CVE-2010-3592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3592"
    },
    {
      "name": "CVE-2010-3600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3600"
    },
    {
      "name": "CVE-2010-4418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4418"
    },
    {
      "name": "CVE-2010-4456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4456"
    },
    {
      "name": "CVE-2010-4441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4441"
    },
    {
      "name": "CVE-2010-4440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4440"
    },
    {
      "name": "CVE-2010-4436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4436"
    },
    {
      "name": "CVE-2010-4443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4443"
    },
    {
      "name": "CVE-2010-4434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4434"
    },
    {
      "name": "CVE-2010-4437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4437"
    },
    {
      "name": "CVE-2009-4269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4269"
    },
    {
      "name": "CVE-2010-2936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2936"
    },
    {
      "name": "CVE-2010-3588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3588"
    },
    {
      "name": "CVE-2010-3510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3510"
    },
    {
      "name": "CVE-2010-4428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4428"
    },
    {
      "name": "CVE-2010-4446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4446"
    },
    {
      "name": "CVE-2010-4459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4459"
    },
    {
      "name": "CVE-2010-4426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4426"
    },
    {
      "name": "CVE-2010-2632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2632"
    },
    {
      "name": "CVE-2010-4461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4461"
    },
    {
      "name": "CVE-2010-3597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3597"
    },
    {
      "name": "CVE-2010-3587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3587"
    },
    {
      "name": "CVE-2010-4442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4442"
    },
    {
      "name": "CVE-2010-3599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3599"
    },
    {
      "name": "CVE-2010-4413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4413"
    },
    {
      "name": "CVE-2010-3505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3505"
    },
    {
      "name": "CVE-2010-3594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3594"
    },
    {
      "name": "CVE-2010-4449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4449"
    },
    {
      "name": "CVE-2010-3598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3598"
    },
    {
      "name": "CVE-2010-4445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4445"
    },
    {
      "name": "CVE-2010-4458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4458"
    },
    {
      "name": "CVE-2010-4417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4417"
    },
    {
      "name": "CVE-2010-3596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3596"
    },
    {
      "name": "CVE-2010-4444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4444"
    },
    {
      "name": "CVE-2010-4425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4425"
    },
    {
      "name": "CVE-2010-3591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3591"
    },
    {
      "name": "CVE-2010-4423",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4423"
    },
    {
      "name": "CVE-2010-4431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4431"
    },
    {
      "name": "CVE-2010-4427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4427"
    },
    {
      "name": "CVE-2010-4435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4435"
    },
    {
      "name": "CVE-2010-3574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3574"
    },
    {
      "name": "CVE-2010-4424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4424"
    },
    {
      "name": "CVE-2010-2935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2935"
    },
    {
      "name": "CVE-2010-4430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4430"
    },
    {
      "name": "CVE-2010-1227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1227"
    },
    {
      "name": "CVE-2010-3595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3595"
    },
    {
      "name": "CVE-2010-3589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3589"
    },
    {
      "name": "CVE-2010-4455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4455"
    }
  ],
  "initial_release_date": "2011-01-19T00:00:00",
  "last_revision_date": "2011-01-19T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-022",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-01-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans les produits Oracle\npermettent \u00e0 un utilisateur malveillant de contourner la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Oracle",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle de janvier 2011",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
    }
  ]
}

CERTA-2011-AVI-039

Vulnerability from certfr_avis

De multiples vulnérabilités dans OpenOffice.org permettent à un utilisateur malveillant d'exécuter du code arbitraire à distance.

Description

Plusieurs vulnérabilités ont été découvertes dans OpenOffice.org. Elle permettent à un utilisateur distant, par le biais d'un document malveillant, d'exécuter du code arbitraire avec les privilèges de l'application.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

OpenOffice.org, versions 3.x antérieures à la version 3.3.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité OpenOffice.org	None	vendor-advisory
Bulletin de sécurité Debian dsa-2151 du 26 janvier 2011 :	-	other
Bulletin de sécurité RedHat RHSA-2011-0181 du 28 janvier 2011 :	-	other
Bulletins de sécurité OpenOffice du 26 janvier 2011 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eOpenOffice.org, versions 3.x  ant\u00e9rieures \u00e0 la version 3.3.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans OpenOffice.org. Elle\npermettent \u00e0 un utilisateur distant, par le biais d\u0027un document\nmalveillant, d\u0027ex\u00e9cuter du code arbitraire avec les privil\u00e8ges de\nl\u0027application.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-3702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3702"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2010-4643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4643"
    },
    {
      "name": "CVE-2010-3453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3453"
    },
    {
      "name": "CVE-2010-3451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3451"
    },
    {
      "name": "CVE-2010-3452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3452"
    },
    {
      "name": "CVE-2010-2936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2936"
    },
    {
      "name": "CVE-2010-3454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3454"
    },
    {
      "name": "CVE-2010-4253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4253"
    },
    {
      "name": "CVE-2010-3450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3450"
    },
    {
      "name": "CVE-2010-3689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3689"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2010-2935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2935"
    },
    {
      "name": "CVE-2010-3704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3704"
    }
  ],
  "initial_release_date": "2011-01-28T00:00:00",
  "last_revision_date": "2011-02-01T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian dsa-2151 du 26 janvier 2011 :",
      "url": "http://www.debian.org/security/2011/dsa-2151"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2011-0181 du 28 janvier    2011 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2011-0181.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 OpenOffice du 26 janvier 2011 :",
      "url": "http://www.openoffice.org/security/bulletin.html"
    }
  ],
  "reference": "CERTA-2011-AVI-039",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-01-28T00:00:00.000000"
    },
    {
      "description": "ajout des bulletins des distributions Debian et RedHat.",
      "revision_date": "2011-02-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans OpenOffice.org permettent \u00e0 un\nutilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans OpenOffice.org",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 OpenOffice.org",
      "url": null
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2010-2935 (GCVE-0-2010-2935)

Vulnerability from cvelistv5

CERTA-2011-AVI-243

Vulnerability from certfr_avis

Description

Solution

CERTA-2011-AVI-022

Vulnerability from certfr_avis

Description

Solution

CERTA-2011-AVI-039

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature